What people have to understand about these devices is 'simple economics'. These companies aren't designing much more than the fancy case that it's in. Let's say that you want to start a Bluetooth lock company. You just make a drawing of the case you want it in (or just pick one of the manufacturer's designs), send your company logo artwork to "One Hung Low, Ltd." in China and then OHL sends you 100,000 locks. The locks work well and you sell a bunch of them. Then, someone like this comes along and exploits it. What do you do? Do you recall all of the locks? Do you hire engineers and develop new technology which, in turn, makes the price of your lock uncompetitive against the other brands? Do you send all of your engineering work to China to have it implemented into your locks and then One Hung Low takes your technology and sells it to other companies for their locks? No....you just keep selling shitty locks. It's all about the American mentality of "I want it, and I want it cheap." Let's say that you DO make a well-engineered lock and remove the vulnerabilities. The average person will go to their local home improvement store looking for a Bluetooth lock and see one for $100 and yours for $150. The boxes both make the same claims, so they buy the cheaper one and you go out of business. To make matters worse, if you're trying to compete against cheap locks, your profit margin will be lower and more importantly, the store's profit margin will be lower. The store is ALWAYS going to promote the lock with the higher profit margin. Unless you, as a company, disclose the vulnerabilities of your competitor's locks (and start a war with them), there's no other way to convince people to pay the extra $50 for your lock. Any way you turn, you are fucked, so you just keep selling shitty locks and focus on making the cheap plastic cases more attractive than your competitor. Look at Kwikset. They have over an 80% share of the market for locks that contractors put on new homes. They are the crappiest lock around and always have been. Go to any lock picking forum and read their FAQ. The FAQ will always tell beginners to start out with Kwikset because even a child can pick them. Despite everybody knowing how crappy they are, they still sell a hell of a lot of locks and people don't change them for better locks when they move in. People (the average person) need to start giving a fuck, educating themselves, demanding better locks (and be ready to pay for them) for this problem to go away. Some kid hacking these locks in his spare time isn't going to change anything except for making the information to hack them easier to get. As long as people are still buying them, the companies have NO incentive to make them better. Instead of 'pwning' these companies at cons for the 'lulz', they should be contacting media outlets to let the consumers know how shitty these locks are. This is just the type of thing that news outlets like to sink their teeth into. "Hackers can break into your home from 1/2 mile away.... more at 11:00!!!" Sales will drop, companies will improve the locks to regain customer confidence and THAT'S what will make a difference. Companies only understand one thing... MONEY. When you hurt their bottom line, things will finally change. Until then, security will only be an illusion to the consumer.
The blowing on the mic is driving me nuts!
Stigamus Maximus really? Didn't notice it until I read your comment. Must have tuned it out.
Thank you for the demo. I cited the first case in my rapport about consumer IoT security problems. You are educating people around the world!
The university they did the bike sharing hack at was the University of Illinois in Champaign-Urbana, if anyone was interested..
Is this a contest to see how many times you can say "actually" in a sentence?
PEH PEH PEH TEH TEH PEH PEH
my speakers are broken now
What people have to understand about these devices is 'simple economics'. These companies aren't designing much more than the fancy case that it's in. Let's say that you want to start a Bluetooth lock company. You just make a drawing of the case you want it in (or just pick one of the manufacturer's designs), send your company logo artwork to "One Hung Low, Ltd." in China and then OHL sends you 100,000 locks. The locks work well and you sell a bunch of them. Then, someone like this comes along and exploits it. What do you do? Do you recall all of the locks? Do you hire engineers and develop new technology which, in turn, makes the price of your lock uncompetitive against the other brands? Do you send all of your engineering work to China to have it implemented into your locks and then One Hung Low takes your technology and sells it to other companies for their locks? No....you just keep selling shitty locks. It's all about the American mentality of "I want it, and I want it cheap." Let's say that you DO make a well-engineered lock and remove the vulnerabilities. The average person will go to their local home improvement store looking for a Bluetooth lock and see one for $100 and yours for $150. The boxes both make the same claims, so they buy the cheaper one and you go out of business. To make matters worse, if you're trying to compete against cheap locks, your profit margin will be lower and more importantly, the store's profit margin will be lower. The store is ALWAYS going to promote the lock with the higher profit margin. Unless you, as a company, disclose the vulnerabilities of your competitor's locks (and start a war with them), there's no other way to convince people to pay the extra $50 for your lock. Any way you turn, you are fucked, so you just keep selling shitty locks and focus on making the cheap plastic cases more attractive than your competitor. Look at Kwikset. They have over an 80% share of the market for locks that contractors put on new homes. They are the crappiest lock around and always have been. Go to any lock picking forum and read their FAQ. The FAQ will always tell beginners to start out with Kwikset because even a child can pick them. Despite everybody knowing how crappy they are, they still sell a hell of a lot of locks and people don't change them for better locks when they move in. People (the average person) need to start giving a fuck, educating themselves, demanding better locks (and be ready to pay for them) for this problem to go away. Some kid hacking these locks in his spare time isn't going to change anything except for making the information to hack them easier to get. As long as people are still buying them, the companies have NO incentive to make them better. Instead of 'pwning' these companies at cons for the 'lulz', they should be contacting media outlets to let the consumers know how shitty these locks are. This is just the type of thing that news outlets like to sink their teeth into. "Hackers can break into your home from 1/2 mile away.... more at 11:00!!!" Sales will drop, companies will improve the locks to regain customer confidence and THAT'S what will make a difference. Companies only understand one thing... MONEY. When you hurt their bottom line, things will finally change. Until then, security will only be an illusion to the consumer.
33:40 in this video the best ever 🤣
had to just move on from this video coz his blowing out the mic make it unwatchable
About to move on, myself. It's driving me nuts. :P
6:19 Who the fuck hasn't heard of AirBnB in 2017?
Please fix the title!